Sophos Techknow

Welcome to another episode of Techknow, the podcast in which Sophos experts debate, explore and explain the often baffling world of computer security.

In this episode, entitled Understanding Vulnerabilities, Paul Ducklin and Chester Wisniewski demystify vulnerability jargon in a way that’s useful to IT administrators.

After all, we’ve become so used to abbreviations like RCE, EoP and DoS that they have begun to lose their significance.

They stand for Remote Code Execution, Elevation of Privilege and Denial of Service respectively – problems that sound serious when written out in full, but somehow become “just one of those things” when reduced to acronym form.

But is an RCE worse than an EoP? Is a DoS less serious than an EoP? Where do Information Disclosure bugs fit in?

Chet and Duck help you answer these questions, and more, not only for the sake of interest, but also so that you can prioritise your patches in a way that fits your organisation best.